April meeting summary: How to be responsibly paranoid

Be scared, and be prepared…

The April meeting featured a sobering yet fascinating presentation by Kelly Higgins Clark and Brady Genz on computer security.

As we all know, 2014 was a big year for big hacks: “the year of the Retailer Data Breach,” Kelly called it. Fatalism, while depressing, is the only realistic attitude toward cybercrime, given 1) the determination and resources of cybercriminals; 2) the inadequacy of single-purpose security tools (firewalls, antivirus software); 3) the shortage of qualified security specialists; and 4) the simple fact that data is everywhere — and most of it is beyond the control of IT personnel.

Of course, individuals are vulnerable, too, and the hows (and how-to-prevents) of hacking apply to digital presences big and small. Here’s a sampling of what we learned in that regard.

Vulnerability: Human beings are gullible (phishing scams)
Defense: Be (reasonably) paranoid! Clicking the wrong place can lead to bad things. Virus/anti-malware scans are good tools. Don’t be afraid to take a “my security matters” attitude toward strange emails and the like. Call someone (or some company) if you suspect they didn’t really send that email out of the blue. If it’s clear someone’s address has been compromised, let them know and encourage them to take action.

Vulnerability: Human beings pick weak passwords, and use them over and over
Defense: Use strong, unique, 12-16 character passwords, with a different one for each site. If you can’t manage this on your own, try a password manager. Password managers create and store passwords, which lets you cut down on your typing, save your brain power, and use a different password for each site. Also, opt for two-factor authentication wherever possible.

Vulnerability: Your data is too precious (and only in one place)
Defense: Back it up! With the ease of free software and the low cost of external hard drives, the only excuse not to regularly back up data you care about is a lack of commitment (or total denial that disaster can happen to you). On a daily basis, keep in mind that services like Google Drive and Dropbox offer easy ways to back up your most important files to the cloud. Criminals can’t hold your files for ransom if you have another copy, can they? (And even if you don’t, NEVER negotiate/pay them.)

Vulnerability: Outdated software
Defense: Don’t ignore updates! Think of computer maintenance the way you do oral care: when you brush and floss regularly, your check-ups are better.

Vulnerability: Public Wifi
Defense: Use a VPN. If your workplace doesn’t offer one (often it’s required to work from home), there are free ones available, even for smartphones. Check out Hotspot Shield and F-Secure Freedome.

PDF of Kelly’s Slides

April 10th, 2015 | Event Followup